Re: Common (basic) security checks for a base installation? (was Re: Security notification script in Perl)
On 28-Dec-02, 14:54 (CST), Bob Proulx <bob@proulx.com> wrote:
> Javier Fern?ndez-Sanguino Pe?a <jfs@computer.org> [2002-12-26 10:30:38 +0100]:
> > The checksecurity script in the cron package is a good start, but is
> > clearly not sufficient (and the name is also misleading, see Bug #163813).
>
> I was completely surpised to see that installing cron also installed
> several scripts that served completely different agendas. It seems
> that the cron package aquired more "riders" than a bill through the US
> congress! Those should not be part of a basic cron installation.
> They would be fine in their own package, however.
FWIW, it "grew" all the barnacles before I started maintaining it back
in, hmm, 95?, 96?, anyway, long before there was whole lot of concern
about people being very picky about the purity and granularity of
packages.
> This is what Steve had to say about it in Bug #163813
> Steve Greenland <steveg@moregruel.net> writes:
> > The "checksecurity" part of cron is a big joke. It's completely out of
> > place, and has been so neutered by complainers over the years that I'm
> > planning on separating it out of cron and then orphaning the package.
> > The tricky part is getting the conffile safely moved, which is why I
> > haven't done it earlier.
And indeed, what I intend to do in the next few weeks.
Steve
--
Steve Greenland
The irony is that Bill Gates claims to be making a stable operating
system and Linus Torvalds claims to be trying to take over the
world. -- seen on the net
Reply to: